CNNVD-202509-354 Information
Sep 03, 2025
cve
CNNVD ID
CNNVD-202509-354
Related CVE
- CNNVD Published: 2025-09-03
Description (Chinese)
Apache DolphinScheduler是美国阿帕奇(Apache)基金会的一个现代数据编排平台。 Apache DolphinScheduler 3.2.2之前版本存在安全漏洞,该漏洞源于输入验证不当,可能导致已验证用户通过警报脚本执行任意shell脚本。
Description (English)
Apache Dolphin Scheduler is a modern data organization platform for the Apache Foundation in the United States. The previous version of Apache Dolphin Scheduler 3.2.2 had a security loophole, which stemmed from inappropriate input validation, which could result in any shell script being executed by a certified user through an alert script.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
Apache Friends
Published
2025-09-03
Last Modified
2026-02-24
References
https://lists.apache.org/thread/qm36nrsv1vrr2j4o5q2wo75h3686hrnj
Patch
https://lists.apache.org/thread/qm36nrsv1vrr2j4o5q2wo75h3686hrnj
Share on: